vbrandl/WIS-SEC-BOF
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use biblatex

Browse Source
This commit is contained in:
Valentin Brandl 2019-10-29 11:09:23 +01:00
parent 133d7badd9
commit 475e37b633
No known key found for this signature in database
GPG Key ID: 30D341DD34118D7D
2 changed files with 21 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
work/01paper.pdf
View File

Binary file not shown.

37
work/01paper.tex
View File

@ -1,7 +1,11 @@
\documentclass[conference]{IEEEtran} \documentclass[conference]{IEEEtran}
\IEEEoverridecommandlockouts{} \IEEEoverridecommandlockouts{}
% The preceding line is only needed to identify funding in the first footnote. If that is unneeded, please comment it out. % The preceding line is only needed to identify funding in the first footnote. If that is unneeded, please comment it out.
\usepackage{cite} \usepackage{csquotes}
\usepackage[style=ieee,backend=biber]{biblatex}
\addbibresource{./bibliography.bib}
\usepackage{amsmath,amssymb,amsfonts} \usepackage{amsmath,amssymb,amsfonts}
\usepackage{algorithmic} \usepackage{algorithmic}
\usepackage{booktabs} \usepackage{booktabs}
@ -99,17 +103,18 @@ is to check, if a write or read operation is out of bounds. This requires
storing the size of a buffer together with the pointer to the buffer and check storing the size of a buffer together with the pointer to the buffer and check
for each read or write in the buffer, if it is in bounds at runtime. for each read or write in the buffer, if it is in bounds at runtime.
\subsubsection{Prevent Overriding Return Address} \subsubsection{Prevent/Detect Overriding Return Address}
Since most traditional buffer overflow exploits work by overriding the return Since most traditional buffer overflow exploits work by overriding the return
address in the current stack frame, preventing or at least detecting this, can address in the current stack frame, preventing or at least detecting this, can
be quite effective without much overhead at runtime. Chiueh et al describe a be quite effective without much overhead at runtime. \citeauthor{Rad2001}
technique that stores a redudnant copy of the return address in a secure memory describe a technique that stores a redudnant copy of the return address in a
area that is guarded by read-only memory, so it cannot be overwritten by secure memory area that is guarded by read-only memory, so it cannot be
overflows. When returning, the copy of the return address is compared to the one overwritten by overflows. When returning, the copy of the return address is
in the current stack frame and only, if it matches, the ret instruction is compared to the one in the current stack frame and only, if it matches, the ret
actually executed\cite{Rad2001}. While this is effective against return oriented instruction is actually executed\cite{Rad2001}. While this is effective against
programming based exploits, it does not protect against vtable overrides. return oriented programming based exploits, it does not protect against vtable
overrides.
An older technique from 1998 proposes to put a canary word between the data of a An older technique from 1998 proposes to put a canary word between the data of a
stack frame and the return address\cite{Stackguard1998}. When returning, the stack frame and the return address\cite{Stackguard1998}. When returning, the
@ -123,10 +128,10 @@ canary intact.
\subsubsection{Static Analysis} \subsubsection{Static Analysis}
\subsubsection{Type System Solutions} \subsubsection{Type System Solutions}
Condit et al propose an extension to the C type system that extends it with \citeauthor{Dep2007} propose an extension to the C type system that extends it
dependent types. These types have an associated value, e.g. a pointer type can with dependent types. These types have an associated value, e.g. a pointer type
have the buffer size associated to it. This prevents indexing into a buffer with can have the buffer size associated to it. This prevents indexing into a buffer
out of bounds values. with out of bounds values.
\subsubsection{ASLR} \subsubsection{ASLR}
@ -197,9 +202,9 @@ unsafe C.
\end{itemize} \end{itemize}
\printbibliography
\bibliographystyle{IEEEtran} % \bibliographystyle{IEEEtran}
\bibliography{bibliography} % \bibliography{bibliography}
\end{document} \end{document}
% vim: set filetype=tex ts=2 sw=2 tw=80 et spell : % vim: set filetype=tex ts=2 sw=2 tw=80 et spell :